Commit

Vulnerabilities explained in pages
FrancescoBorzi committed Mar 30, 2014
1 parent 5e4f47a commit c9ef101
Showing 5 changed files with 53 additions and 4 deletions.
6 changes: 2 additions & 4 deletions README.md
Expand Up @@ -2,8 +2,6 @@ This is a demonstration about SQL-Injection for an universitary project, you can

http://sqlidemo.altervista.org

- Legal login: <strong>admin</strong> Password: <strong>pwd1</strong>
- All vulnerabilities are explained in vulnerable pages

- Vulnerable page <strong>login1.php</strong> can be violated by passing <strong>' OR '1'='1</strong> as password.

- Vulnerable page <strong>books1.php</strong> can be used to get all user table content by passing <strong>' UNION SELECT * FROM users WHERE '1'='1</strong> as author.
- Database content is available in 'database.sql' file
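
Review bot: With the two per-page bullets removed, the README no longer tells a reader which pages are vulnerable, and login3.php, which gets an explanation in this same commit, is not among the bullets shown in this hunk. Consider keeping a payload-free list of the page names (login1.php, books1.php, login3.php) under "All vulnerabilities are explained in vulnerable pages" so the pointer leads somewhere specific. The context text in the hunk header also reads "an universitary project"; "a university project" is the correct form.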
17 changes: 17 additions & 0 deletions books1.php
Expand Up @@ -148,6 +148,23 @@
</div>
</div>

<hr>
<div class="row">
<div class="col-sm-12">
<h4>Vulnerability:</h4>
</div>
</div>

<div class="row">
<div class="col-sm-12">
<div class="highlight">
<pre>
Pass <strong>' UNION SELECT * FROM users WHERE '1'='1</strong> as author to get all users data.
</pre>
</div>
</div>
</div>

<br>
<div class="footer">
<p></p>Francesco Borzì - Computer Security Project</p>
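
Review bot: The sentence added inside the <pre> element gives the input to type but not the cause or the remedy, which is what a teaching page needs most. Suggest adding a line on how the author value reaches the query, a note that the UNION with SELECT * only lines up while the users table and the book query return the same number of columns, and a pointer to the fix (a prepared statement with the author bound as a parameter). Separately, the unchanged footer line has an unmatched closing tag: "<p></p>Francesco Borzì - Computer Security Project</p>" should be "<p>Francesco Borzì - Computer Security Project</p>".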
File renamed without changes.
17 changes: 17 additions & 0 deletions login1.php
Expand Up @@ -162,6 +162,23 @@
</div>
</div>

<hr>
<div class="row">
<div class="col-sm-12">
<h4>Vulnerability:</h4>
</div>
</div>

<div class="row">
<div class="col-sm-12">
<div class="highlight">
<pre>
Pass <strong>1' OR '1'='1</strong> as password to get authenticated.
</pre>
</div>
</div>
</div>

<br>
<div class="footer">
<p></p>Francesco Borzì - Computer Security Project</p>
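
Review bot: The payload in the added <pre> line is 1' OR '1'='1, while the README bullet this commit deletes gave ' OR '1'='1 for the same page; use one form in both places or say that either works, otherwise readers comparing history will assume one of them is wrong. The block from <hr> through the closing </div> is also the same markup that this commit adds to books1.php and login3.php, differing only in the sentence; a shared include that takes the sentence as a parameter would keep the three copies from drifting apart.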
17 changes: 17 additions & 0 deletions login3.php
Expand Up @@ -162,6 +162,23 @@
</div>
</div>

<hr>
<div class="row">
<div class="col-sm-12">
<h4>Vulnerability:</h4>
</div>
</div>

<div class="row">
<div class="col-sm-12">
<div class="highlight">
<pre>
Pass <strong>1 OR 1=1</strong> as PIN to get authenticated.
</pre>
</div>
</div>
</div>

<br>
<div class="footer">
<p></p>Francesco Borzì - Computer Security Project</p>
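
Review bot: The PIN payload 1 OR 1=1 in the added <pre> line has no quotes, unlike the password payload added to login1.php, and the text does not say why. If the PIN is placed in the query as a number, state that here and name the matching fix (validate the PIN as an integer or bind it as a parameter), since a reader who has only learned to escape quotes from the login1.php note will not see why that does nothing on this page.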